Two scam emails to avoid and why

Two ‘free’ update emails are scams but not detected by Outlook. We check out the ‘red flags’ you should look for in any suspicious or unexpected email.

Two similar scam messages have arrived in the last day, they might fool some people and certainly don’t get caught by Microsoft Outlook’s spam filter. In this article we’ll look at both these bogus emails as examples of some things to be wary of

Here’s the two messages. The first promises Skype updates which can be enticing.

Scam email promising Skype updates.jpg image from Two scam emails to avoid and why at Office-Watch.com

Outlook has blocked the download of linked images, the default action. The formatting looks fairly professional and the spelling correct except for ‘Copy rights’ as two words.

The second message is supposed to come from Adobe with an upgrade to the PDF reader.

Scam email promising PDF Adobe updates.jpg image from Two scam emails to avoid and why at Office-Watch.com

This message as in plain text and so isn’t as well formatted.

Both messages are left in your Inbox by the latest version of the Outlook Junk email filter but should look suspicious to any regular email user. Here’s the tell-tale signs that should raise a ‘red flag’ in your mind:



  • The domain name doesn’t match the common site for that company. Eg skype-upgrade.com instead of skype.com . Always check the actual link offered by any email, if you’re not sure go to the known web site for that company rather than the link in the email. That especially applies to banks.
  • You don’t normally get emails about updates for either Skype or Adobe Acrobat (both will prompt you within the programs if there’s an update).
  • The ‘PDF’ email is in plain text which isn’t likely from a company like Adobe.
  • It’s possible that your email address isn’t known to that company. For example you might have a Skype account but not linked to the address used by the email. Or you haven’t registered your PDF viewer with Adobe so why/how are they emailing you.

Checking the domains

If you’re uncertain about the validity of an email, you can check the domain in the email to see if its registered to the right company.

Start at http://www.internic.net/whois.html which will tell you the domain registrar for a particular domain name. For both of these domains (skype-upgrade.com and pdf-adobe-upgrade.com ) were registered by a Russian domain registrar which is another ‘red flag’ suggesting that the domains are bogus.

Checking the domain registrar WhoIs details (see below) shows that both domains are registered to a person, not a company, with the same address in New York. Neither are registered to the right company (Skype or Adobe) nor do they use the standard corporate address. The fact that the domain owner is the same person confirms the suspicion that the emails are different versions of the same scam.

Google Maps tells us what you’d expect from scam emails – the physical address on the domain registration (820 Parkway St, New York, 10024) is bogus. There is no ‘Parkway St’ in New York (only Parkway Ct, Parkway Dr and Parkway N).

The contact phone number (800 380920) has only 6 digits after the prefix instead of the necessary 7.

Furthermore the domains were only created in the last few days (12 and 13 September 2010).

If you weren’t sure before, the nature of the domain registration should be enough to convince you to ignore the emails.

WhoIs information for skype-upgrade.com.jpg image from Two scam emails to avoid and why at Office-Watch.com

Source: https://www.nic.ru/whois/?query=pdf-adobe-upgrade.com as at 13 Sept 2010 at 7:32am UTC

WhoIs information for pdf-adobe-upgrade.com.jpg image from Two scam emails to avoid and why at Office-Watch.com

Source: https://www.nic.ru/whois/?query=SKYPE-UPGRADE.COM as at 13 Sept 2010 at 7:32am UTC